CVE-2026-10163NVD

Vulnerability Summary

A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of the argument UserName/Password leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Severity Level

HIGH(8.8)

Published Date

May 31, 2026

Last Modified

Jun 2, 2026

Exploitation Status

UNKNOWN

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://vuldb.com/vuln/367416
https://vuldb.com/vuln/367416/cti
https://vuldb.com/submit/818599
https://lavender-bicycle-a5a.notion.site/EDIMAX-BR6478ACV2-formUSBAccount-34b53a41781f803eb9b0dae1fea4dc3e?source=copy_link